NSA devises pathway into computers isolated from the Internet

The US spy agency denied its ‘active defense’ tactics are similar to those used by its surveillance targets, like China

By David Sanger and Thom Shanker / NY Times News Service, WASHINGTON

Illustration: Kevin Sheu

The US National Security Agency (NSA) has implanted software in nearly 100,000 computers around the world that allows the US to conduct surveillance on those machines and can also create a digital highway for launching cyberattacks.

While most of the software is inserted by gaining access to computer networks, the NSA has increasingly made use of a secret technology that enables it to enter and alter data in computers even if they are not connected to the Internet, according to NSA documents, computer experts and US officials. The technology, which the agency has used since at least 2008, relies on a covert channel of radio waves that can be transmitted from tiny circuit boards and USB cards inserted surreptitiously into the computers. In some cases, they are sent to a briefcase-size relay station that intelligence agencies can set up miles away from the target.

The radio frequency technology has helped solve one of the biggest problems facing US intelligence agencies for years: getting into computers that adversaries, and some US partners, have tried to make impervious to spying or cyberattack. In most cases, the radio frequency hardware must be physically inserted by a spy, a manufacturer or an unwitting user.

The NSA calls its efforts more an act of “active defense” against foreign cyberattacks than a tool to go on the offensive, but when Chinese attackers place similar software on the systems of US companies or government agencies, US officials have protested, often at the presidential level.

Among the most frequent targets of the NSA and its Pentagon partner, US Cyber Command, have been units of the Chinese army, which the US has accused of launching regular digital probes and attacks on US industrial and military targets, usually to steal secrets or intellectual property. However, the program, code-named Quantum, has also been successful in inserting software into Russian military networks and systems used by the Mexican police and drug cartels, trade institutions inside the EU, and such occasional partners against terrorism as Saudi Arabia, India and Pakistan, according to officials and an NSA map that indicates sites of what the agency calls “computer network exploitation.”

“What’s new here is the scale and the sophistication of the intelligence agency’s ability to get into computers and networks to which no one has ever had access before,” said James Andrew Lewis, the cybersecurity expert at the Center for Strategic and International Studies in Washington. “Some of these capabilities have been around for a while, but the combination of learning how to penetrate systems to insert software and learning how to do that using radio frequencies has given the US a window it’s never had before.”

NO DOMESTIC USE

There is no evidence that the NSA has implanted its software or used its radio frequency technology inside the US. While refusing to comment on the scope of the Quantum program, the NSA said its actions were not comparable to China’s.

“NSA’s activities are focused and specifically deployed against — and only against — valid foreign intelligence targets in response to intelligence requirements,” Vanee Vines, an agency spokeswoman, said in a statement. “We do not use foreign intelligence capabilities to steal the trade secrets of foreign companies on behalf of — or give intelligence we collect to — US companies to enhance their international competitiveness or increase their bottom line.”